Embodiments generally relate to access controls for web-based applications. More particularly, embodiments relate to detecting, enforcing and controlling access privileges to non-native web applications.
HTML5 (Hypertext Markup Language 5, e.g., HTML5 Editor's Draft 8 May 2012, World Wide Web Consortium/W3C, www*w3*org) is an emerging markup language that may support more robust multimedia related web platform development and the combining of more functional web content from different sources. The use of HTML5 by an application developer, however, may also expose the control of certain features and/or functionality of the web content such as advertisements, pop-ups, widgets, and scripts to other web applications as well as end users, wherein the exposure of such control may lead to security concerns. For example, a sandbox may be a set of rules that are used when creating an application in order to prevent certain functions when the code is sent as part of a Web page. Additionally, a sandbox may restrict an application from accessing other applications inside the browser and random client resources (e.g., a code isolation tool in the context of software development). Undetected malware may disable the HTML5 sandbox attribute in order to capture sensitive user data stored, for example, on the hard drive. Moreover, users may disable the sandbox attribute without fully understanding the ramifications of disablement (e.g., loss of desired functionality).